Encode message in image with Steganography [Step-by-Step]


Ethical hacking

Reviewer: Deepak Prasad

Hello learners, in this article we will be covering steganography and specifically image steganography. This is the art of hiding an encoded message in plain sight. This method is used by hackers to share information among themselves while avoiding detection by interested parties. i.e. Law enforcers.

By using this art hackers are able to share their messages anonymously while still using the common mode of communication and at the same time avoiding being detected. It is a cheap and easy method of sending sensitive information as it is sent via common communication mode without raising suspicion.

In this guide we will be hiding a message in an image using 3 methods; using a terminal tool (Steghide), steganography on windows machine and using a GUI tool to hide a secret message in image. (Stegosuite, Openstego)

 

Pre-requisites

  • Have a running instance of Kali linux.
  • Have a running instance of windows OS.
  • Havejava
  • Intermediate knowledge of using the terminal.

 

Tool 1: STEGHIDE

Step 1: Installing Steghide on Kali Linux

To install steganography tools on Kali Linux is as easy as running a command on the terminal. The tool is terminal based. To install it on the system we run the below command on the terminal.

apt-get install Steghide

 

Step 2: Creating Steghide folder

After installation is complete, we are now ready to hide a secret message on an image. We first create a folder where we will place all the files required for this process and navigate into the directory containing the files.

mkdir ‘image steganography’
cd ‘image steganography’

We can get the image in which we will hide our text information from pexels. The images on this website are copyright free. We also need to create a text file in which we will write the information which is to be hidden in the image.

touch steg.txt

Below is a screenshot of the files as they are in the ‘image steganography’ folder.

steganography

In the steg.txt we will write the message that we need to hide within the image. Below is a photo of the information that we will add to the image.

steganography

 

Step 3: Embedding text to a photo using Steghide

Having the text file and the image ready, we can now start the process. We will hide the text within the text file using the below command. On running the command, Steghide requires you to enter a passphrase. You can use passphrase of your liking as long as you make sure you use the one that satisfies the characteristics of a good password to avoid brute force attacks.

steganography

 

Explanation

  • embed ef - This is an option to embed the message which is found in steg.txt.
  • cf - This option specifies the target image on which we want to embed the message.

Now when we compare the two images, before and after steganography, we can see some changes on the image properties. The image has increased in size after we embedded the message.

steganography

 

Tool 2: STEGOSUITE

Stegosuite is a graphical steganography tool. it is compatible with Linux, mac and windows operating systems. To use it, you need to have java installed in your system. 

 

Step 1: installing Stegosuite

Use this command in your terminal and the steganography tool will be installed in your system.

Encode message in image with Steganography [Step-by-Step]

 

Step 2: Launching Stegosuite

To launch the tool, you can use the command line and just use the command “Stegosuite” and it will pop up in a new window.

steganography

 

Step 3: Adding the steganography image

Here now, you can drag and drop your image in to the window, and you will be prompted with a new layout which you can now enter your secret message.

Encode message in image with Steganography [Step-by-Step]

After Entering you secret message, you can enter a password the embed it by clicking the embed button at the bottom.

Encode message in image with Steganography [Step-by-Step]

A new file or copy of the image will be generated with the secret message embedded in it in the same file path as the original image.

You will note that the images are the same when you view them normally, but they vary in terms of size. The one with the secret text embedded is slightly larger than the original version.

 

Tool 3: OPENSTEGO

This is a graphical open source steganography tool. It supports different platforms like linux, mac and windows.

 

Step 1: Installing Openstego

The first step is to download the executable from its github repo.

Encode message in image with Steganography [Step-by-Step]

 

Step 2: Installing Openstego on windows

To install on windows Openstego on windows we just need to run the installer as administrator.

Encode message in image with Steganography [Step-by-Step]

 

Step 2: Launching the application

To launch the application, we click on the start button and search for Openstego in the apps section then run it. The application will pop up.

Encode message in image with Steganography [Step-by-Step]

We can see it has almost the same features as Stegosuite but more advanced and attractive.

 

Step 3: Embedding the secret message

With Openstego, you have to select the secret file, cover-file and the preferred name of the output stego file. It also has different types of encryption algorithms to ensure security of the embedded message.

Encode message in image with Steganography [Step-by-Step]

 

Extracting the secret message

Since we hide hide this secret message, we can also extract them. For example if its for communication purposes, the receiving party, has to extract the message from the file its embedded in.

 

Recovering embedded text using Steghide

Now that we have embedded the message on the image, we can go on to extract the message from the image. In real life scenario, extraction of the message would be done by the recipient of the image. He/she must have the secret passphrase used when adding the message.

Encode message in image with Steganography [Step-by-Step]

After extracting, a steg.txt document will be created with the extracted information in it.

 

Recovering embedded text using Stegosuite

The process with this is quite simple, since you just insert the embedded image and the passphrase and then click on extract and you get the message.

 

Recovering embedded text using Openstego

The process here, is almost the same as that of Stegosuite whereby you have to attach the embedded image, then choose an output folder and provide the password used earlier. For Openstego, like Steghide, it outputs a text file with the message same as the one embedded.

Encode message in image with Steganography [Step-by-Step]

 

Summary

In this tutorial we were able to perform steganography using various tools and on different operating system. Image steganography is an easy yet powerful way of sending and receiving information. Different options such as compressing the final file are available when hiding information. This option makes steganography an even more efficient mode of sending messages. Despite being effective, steganography can still be detected and decrypted in forensic analysis. In our next article we will be covering image forensics.

 

Kennedy Muthii

Kennedy Muthii

He is an accomplished professional proficient in Python, ethical hacking, Linux, cybersecurity, and OSINT. With a track record including winning a national cybersecurity contest, launching a startup in Kenya, and holding a degree in information science, he is currently engaged in cutting-edge research in ethical hacking. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment